Merge branch 'development' into development-restricted

* development: (81 commits) Add changelog entry file Remove obsolete comment Changelog entry noting the behavior change and storage format change Update SE support to pass a location when registering a driver Update SE support to pass a location when registering a driver Update the SE interface to pass a location when registering a driver Fix macros Missing word Define a macro to construct a lifetime from persistence and location Document PSA_KEY_PERSISTENCE_xxx and PSA_KEY_LOCATION_xxx Rename and clarify the default persistent location and persistence PSA_KEY_LIFETIME_PERSISTENT is a lifetime, not just a storage area Shorten type and value names for lifetime parts Define some structure for lifetime values Fix typo in program benchmark. Add changelog entry for #3310. Add variable initialization to large SSL TLS function. Add Changelog entry for #3312 Scope reduction to enable NULL check to protect dereferencing. Expose SSL HW record acceleration error. ...
2025-02-02 17:11:05 +00:00 · 2020-05-22 12:44:43 +02:00 · 2020-05-22 12:44:43 +02:00 · c859c21824
parent 4926f0dcb3 5eae4dd08e
commit c859c21824
84 changed files with 1232 additions and 1032 deletions
--- a/.gitignore
+++ b/.gitignore
@ -34,6 +34,9 @@ massif-*
 # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
 *.dir/
 # Microsoft CMake extension for Visual Studio Code generates a build directory by default
 /build/
 # Visual Studio artifacts
 /visualc/VS2010/.localhistory/
 /visualc/VS2010/.vs/
--- a/.travis.yml
+++ b/.travis.yml
@ -1,28 +1,60 @@
 language: c
-compiler:
+compiler: gcc
 - clang
 - gcc
 sudo: false
 cache: ccache
-script:
+jobs:
- tests/scripts/recursion.pl library/*.c
+  include:
- tests/scripts/check-generated-files.sh
+    - name: basic checks and reference configurations
- tests/scripts/check-doxy-blocks.pl
+      addons:
- tests/scripts/check-names.sh
+        apt:
- tests/scripts/check-files.py
+          packages:
- tests/scripts/doxygen.sh
+          - gnutls-bin
- cmake -D CMAKE_BUILD_TYPE:String="Check" .
+          - doxygen
- make
+          - graphviz
- make test
+          - gcc-arm-none-eabi
- programs/test/selftest
+          - libnewlib-arm-none-eabi
- OSSL_NO_DTLS=1 tests/compat.sh
+      language: python # Needed to get pip for Python 3
- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
+      python: 3.5 # version from Ubuntu 16.04
- tests/scripts/test-ref-configs.pl
+      install:
- tests/scripts/curves.pl
+        - pip install pylint==2.4.4
- tests/scripts/key-exchanges.pl
+      script:
        - tests/scripts/all.sh -k 'check_*'
        - tests/scripts/all.sh -k test_default_out_of_box
        - tests/scripts/test-ref-configs.pl
        - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
    - name: full configuration
      script:
        - tests/scripts/all.sh -k test_full_cmake_gcc_asan
    - name: check compilation guards
      script:
        - tests/scripts/all.sh -k 'test_depends_*' 'build_key_exchanges'
    - name: macOS
      os: osx
      compiler: clang
      script:
        - tests/scripts/all.sh -k test_default_out_of_box
    - name: Windows
      os: windows
      before_install:
        - choco install python --version=3.5.4
      env:
        # Add the directory where the Choco package goes
        - PATH=/c/Python35:/c/Python35/Scripts:$PATH
      script:
        - type python; python --version
        - python scripts/generate_psa_constants.py
        # Logs appear out of sequence on Windows. Give time to catch up.
        - sleep 5
        - scripts/windows_msbuild.bat v141 # Visual Studio 2017
 after_failure:
 - tests/scripts/travis-log-failure.sh
 env:
  global:
    - SEED=1
@ -31,8 +63,7 @@ env:
 addons:
  apt:
    packages:
-    - doxygen
+    - gnutls-bin
    - graphviz
  coverity_scan:
    project:
      name: "ARMmbed/mbedtls"
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -14,6 +14,7 @@ option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
 option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
 option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
 option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
 string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
 string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}")
@ -140,9 +141,9 @@ if(CMAKE_COMPILER_IS_GNU)
    set(CMAKE_C_FLAGS_RELEASE     "-O2")
    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
-    set(CMAKE_C_FLAGS_ASAN        "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
-    set(CMAKE_C_FLAGS_ASANDBG     "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
-    set(CMAKE_C_FLAGS_CHECK       "-Werror -Os")
+    set(CMAKE_C_FLAGS_CHECK       "-Os")
    set(CMAKE_C_FLAGS_CHECKFULL   "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
 endif(CMAKE_COMPILER_IS_GNU)
@ -151,11 +152,11 @@ if(CMAKE_COMPILER_IS_CLANG)
    set(CMAKE_C_FLAGS_RELEASE     "-O2")
    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
-    set(CMAKE_C_FLAGS_ASAN        "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
-    set(CMAKE_C_FLAGS_ASANDBG     "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
-    set(CMAKE_C_FLAGS_MEMSAN      "-Werror -fsanitize=memory -O3")
+    set(CMAKE_C_FLAGS_MEMSAN      "-fsanitize=memory -O3")
-    set(CMAKE_C_FLAGS_MEMSANDBG   "-Werror -fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
+    set(CMAKE_C_FLAGS_MEMSANDBG   "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
-    set(CMAKE_C_FLAGS_CHECK       "-Werror -Os")
+    set(CMAKE_C_FLAGS_CHECK       "-Os")
 endif(CMAKE_COMPILER_IS_CLANG)
 if(CMAKE_COMPILER_IS_IAR)
@ -163,11 +164,25 @@ if(CMAKE_COMPILER_IS_IAR)
 endif(CMAKE_COMPILER_IS_IAR)
 if(CMAKE_COMPILER_IS_MSVC)
-    # Strictest warnings, and treat as errors
+    # Strictest warnings
    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
 endif(CMAKE_COMPILER_IS_MSVC)
 if(MBEDTLS_FATAL_WARNINGS)
    if(CMAKE_COMPILER_IS_MSVC)
        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
    endif(CMAKE_COMPILER_IS_MSVC)
    if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
        if(UNSAFE_BUILD)
            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp")
            set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp")
            set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp")
        endif(UNSAFE_BUILD)
    endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
 endif(MBEDTLS_FATAL_WARNINGS)
 if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
    if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
        set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -14,7 +14,7 @@ Coding Standards
 Making a Contribution
 ---------------------
-1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug.
+1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls) around a feature idea or a bug.
 1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis.
 1. Write a test which shows that the bug was fixed or that the feature works as expected.
 1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :)
--- a/ChangeLog.d/fix-masked-hw-record-init-error.txt
+++ b/ChangeLog.d/fix-masked-hw-record-init-error.txt
@ -0,0 +1,3 @@
 Bugfix
   * Fix issue with a detected HW accelerated record error not being exposed
     due to shadowed variable. Contributed by Sander Visser in #3310.
--- a/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt
+++ b/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt
@ -0,0 +1,3 @@
 Bugfix
   * Avoid NULL pointer dereferencing if mbedtls_ssl_free() is called with a
     NULL pointer argument. Contributed by Sander Visser in #3312.
--- a/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt
+++ b/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt
@ -0,0 +1,4 @@
 Bugfix
   * Fix potential linker errors on dual world platforms by inlining
     mbedtls_gcc_group_to_psa(). This allows the pk.c module to link separately
     from psa_crypto.c. Fixes #3300.
--- a/ChangeLog.d/psa-lifetime-locations.txt
+++ b/ChangeLog.d/psa-lifetime-locations.txt
@ -0,0 +1,8 @@
 Default behavior changes
   * In the experimental PSA secure element interface, change the encoding of
     key lifetimes to encode a persistence level and the location. Although C
     prototypes do not effectively change, code calling
     psa_register_se_driver() must be modified to pass the driver's location
     instead of the keys' lifetime. If the library is upgraded on an existing
     device, keys created with the old lifetime value will not be readable or
     removable through Mbed TLS after the upgrade.
--- a/ChangeLog.d/unified-exit-in-examples.txt
+++ b/ChangeLog.d/unified-exit-in-examples.txt
@ -0,0 +1,4 @@
 Changes
   * Unify the example programs termination to call mbedtls_exit() instead of
     using a return command. This has been done to enable customization of the
     behavior in bare metal environments.
--- a/README.md
+++ b/README.md
@ -85,11 +85,11 @@ In order to build the source using CMake in a separate directory (recommended),
    mkdir /path/to/build_dir && cd /path/to/build_dir
    cmake /path/to/mbedtls_source
-    make
+    cmake --build .
 In order to run the tests, enter:
-    make test
+    ctest
 The test suites need Python to be built and Perl to be executed. If you don't have one of these installed, you'll want to disable the test suites with:
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@ -578,8 +578,55 @@ psa_status_t psa_get_key_domain_parameters(
 *                      (`PSA_ECC_CURVE_xxx`).
 * \return              \c 0 on failure (\p grpid is not recognized).
 */
-psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
+static inline psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
-                                          size_t *bits );
+                                                        size_t *bits )
 {
    switch( grpid )
    {
        case MBEDTLS_ECP_DP_SECP192R1:
            *bits = 192;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP224R1:
            *bits = 224;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP256R1:
            *bits = 256;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP384R1:
            *bits = 384;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP521R1:
            *bits = 521;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_BP256R1:
            *bits = 256;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP384R1:
            *bits = 384;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP512R1:
            *bits = 512;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_CURVE25519:
            *bits = 255;
            return( PSA_ECC_CURVE_MONTGOMERY );
        case MBEDTLS_ECP_DP_SECP192K1:
            *bits = 192;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP224K1:
            *bits = 224;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP256K1:
            *bits = 256;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_CURVE448:
            *bits = 448;
            return( PSA_ECC_CURVE_MONTGOMERY );
        default:
            *bits = 0;
            return( 0 );
    }
 }
 /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
 *
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@ -119,8 +119,10 @@ typedef struct {
 * \param[in,out] drv_context       The driver context structure.
 * \param[in,out] persistent_data   A pointer to the persistent data
 *                                  that allows writing.
- * \param lifetime                  The lifetime value for which this driver
+ * \param location                  The location value for which this driver
- *                                  is registered.
+ *                                  is registered. The driver will be invoked
 *                                  for all keys whose lifetime is in this
 *                                  location.
 *
 * \retval #PSA_SUCCESS
 *         The driver is operational.
@ -132,7 +134,7 @@ typedef struct {
 */
 typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context,
                                          void *persistent_data,
-                                          psa_key_lifetime_t lifetime);
+                                          psa_key_location_t location);
 #if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C)
 /* Mbed Crypto with secure element support enabled defines this type in
@ -1341,17 +1343,19 @@ typedef struct {
 * after psa_crypto_init().
 *
 * \note Implementations store metadata about keys including the lifetime
- *       value. Therefore, from one instantiation of the PSA Cryptography
+ *       value, which contains the driver's location indicator. Therefore,
 *       from one instantiation of the PSA Cryptography
 *       library to the next one, if there is a key in storage with a certain
 *       lifetime value, you must always register the same driver (or an
 *       updated version that communicates with the same secure element)
- *       with the same lifetime value.
+ *       with the same location value.
 *
- * \param lifetime      The lifetime value through which this driver will
+ * \param location      The location value through which this driver will
 *                      be exposed to applications.
- *                      The values #PSA_KEY_LIFETIME_VOLATILE and
+ *                      This driver will be used for all keys such that
- *                      #PSA_KEY_LIFETIME_PERSISTENT are reserved and
+ *                      `location == PSA_KEY_LIFETIME_LOCATION( lifetime )`.
- *                      may not be used for drivers. Implementations
+ *                      The value #PSA_KEY_LOCATION_LOCAL_STORAGE is reserved
 *                      and may not be used for drivers. Implementations
 *                      may reserve other values.
 * \param[in] methods   The method table of the driver. This structure must
 *                      remain valid for as long as the cryptography
@ -1376,7 +1380,7 @@ typedef struct {
 * \return PSA_ERROR_NOT_PERMITTED
 */
 psa_status_t psa_register_se_driver(
-    psa_key_lifetime_t lifetime,
+    psa_key_location_t location,
    const psa_drv_se_t *methods);
 /**@}*/
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@ -108,18 +108,117 @@ typedef uint32_t psa_algorithm_t;
 * The lifetime of a key indicates where it is stored and what system actions
 * may create and destroy it.
 *
- * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically
+ * Lifetime values have the following structure:
- * destroyed when the application terminates or on a power reset.
+ * - Bits 0-7 (#PSA_KEY_LIFETIME_GET_PERSISTENCE(\c lifetime)):
 *   persistence level. This value indicates what device management
 *   actions can cause it to be destroyed. In particular, it indicates
 *   whether the key is _volatile_ or _persistent_.
 *   See ::psa_key_persistence_t for more information.
 * - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)):
 *   location indicator. This value indicates where the key is stored
 *   and where operations on the key are performed.
 *   See ::psa_key_location_t for more information.
 *
 * Volatile keys are automatically destroyed when the application instance
 * terminates or on a power reset of the device. Persistent keys are
 * preserved until the application explicitly destroys them or until an
 * implementation-specific device management event occurs (for example,
 * a factory reset).
 *
 * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said
 * to be _persistent_.
 * Persistent keys are preserved if the application or the system restarts.
 * Persistent keys have a key identifier of type #psa_key_id_t.
 * This identifier remains valid throughout the lifetime of the key,
 * even if the application instance that created the key terminates.
 * The application can call psa_open_key() to open a persistent key that
 * it created previously.
 *
 * This specification defines two basic lifetime values:
 * - Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are volatile.
 *   All implementations should support this lifetime.
 * - Keys with the lifetime #PSA_KEY_LIFETIME_PERSISTENT are persistent.
 *   All implementations that have access to persistent storage with
 *   appropriate security guarantees should support this lifetime.
 */
 typedef uint32_t psa_key_lifetime_t;
 /** Encoding of key persistence levels.
 *
 * What distinguishes different persistence levels is what device management
 * events may cause keys to be destroyed. _Volatile_ keys are destroyed
 * by a power reset. Persistent keys may be destroyed by events such as
 * a transfer of ownership or a factory reset. What management events
 * actually affect persistent keys at different levels is outside the
 * scope of the PSA Cryptography specification.
 *
 * This specification defines the following values of persistence levels:
 * - \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key.
 *   A volatile key is automatically destroyed by the implementation when
 *   the application instance terminates. In particular, a volatile key
 *   is automatically destroyed on a power reset of the device.
 * - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT:
 *   persistent key with a default lifetime.
 *   Implementations should support this value if they support persistent
 *   keys at all.
 *   Applications should use this value if they have no specific needs that
 *   are only met by implementation-specific features.
 * - \c 2-127: persistent key with a PSA-specified lifetime.
 *   The PSA Cryptography specification does not define the meaning of these
 *   values, but other PSA specifications may do so.
 * - \c 128-254: persistent key with a vendor-specified lifetime.
 *   No PSA specification will define the meaning of these values, so
 *   implementations may choose the meaning freely.
 *   As a guideline, higher persistence levels should cause a key to survive
 *   more management events than lower levels.
 * - \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY:
 *   read-only or write-once key.
 *   A key with this persistence level cannot be destroyed.
 *   Implementations that support such keys may either allow their creation
 *   through the PSA Cryptography API, preferably only to applications with
 *   the appropriate privilege, or only expose keys created through
 *   implementation-specific means such as a factory ROM engraving process.
 *   Note that keys that are read-only due to policy restrictions
 *   rather than due to physical limitations should not have this
 *   persistence levels.
 *
 * \note Key persistence levels are 8-bit values. Key management
 *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
 *       encode the persistence as the lower 8 bits of a 32-bit value.
 */
 typedef uint8_t psa_key_persistence_t;
 /** Encoding of key location indicators.
 *
 * If an implementation of this API can make calls to external
 * cryptoprocessors such as secure elements, the location of a key
 * indicates which secure element performs the operations on the key.
 * If an implementation offers multiple physical locations for persistent
 * storage, the location indicator reflects at which physical location
 * the key is stored.
 *
 * This specification defines the following values of location indicators:
 * - \c 0: primary local storage.
 *   All implementations should support this value.
 *   The primary local storage is typically the same storage area that
 *   contains the key metadata.
 * - \c 1: primary secure element.
 *   Implementations should support this value if there is a secure element
 *   attached to the operating environment.
 *   As a guideline, secure elements may provide higher resistance against
 *   side channel and physical attacks than the primary local storage, but may
 *   have restrictions on supported key types, sizes, policies and operations
 *   and may have different performance characteristics.
 * - \c 2-0x7fffff: other locations defined by a PSA specification.
 *   The PSA Cryptography API does not currently assign any meaning to these
 *   locations, but future versions of this specification or other PSA
 *   specifications may do so.
 * - \c 0x800000-0xffffff: vendor-defined locations.
 *   No PSA specification will assign a meaning to locations in this range.
 *
 * \note Key location indicators are 24-bit values. Key management
 *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
 *       encode the location as the upper 24 bits of a 32-bit value.
 */
 typedef uint32_t psa_key_location_t;
 /** Encoding of identifiers of persistent keys.
 *
 * - Applications may freely choose key identifiers in the range
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@ -1539,12 +1539,20 @@
 * @{
 */
-/** A volatile key only exists as long as the handle to it is not closed.
+/** The default lifetime for volatile keys.
 *
 * A volatile key only exists as long as the handle to it is not closed.
 * The key material is guaranteed to be erased on a power reset.
 *
 * A key with this lifetime is typically stored in the RAM area of the
 * PSA Crypto subsystem. However this is an implementation choice.
 * If an implementation stores data about the key in a non-volatile memory,
 * it must release all the resources associated with the key and erase the
 * key material if the calling application terminates.
 */
 #define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
-/** The default storage area for persistent keys.
+/** The default lifetime for persistent keys.
 *
 * A persistent key remains in storage until it is explicitly destroyed or
 * until the corresponding storage area is wiped. This specification does
@ -1555,9 +1563,77 @@
 * This lifetime value is the default storage area for the calling
 * application. Implementations may offer other storage areas designated
 * by other lifetime values as implementation-specific extensions.
 * See ::psa_key_lifetime_t for more information.
 */
 #define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
 /** The persistence level of volatile keys.
 *
 * See ::psa_key_persistence_t for more information.
 */
 #define PSA_KEY_PERSISTENCE_VOLATILE            ((psa_key_persistence_t)0x00)
 /** The default persistence level for persistent keys.
 *
 * See ::psa_key_persistence_t for more information.
 */
 #define PSA_KEY_PERSISTENCE_DEFAULT             ((psa_key_persistence_t)0x01)
 /** A persistence level indicating that a key is never destroyed.
 *
 * See ::psa_key_persistence_t for more information.
 */
 #define PSA_KEY_PERSISTENCE_READ_ONLY           ((psa_key_persistence_t)0xff)
 #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime)      \
    ((psa_key_persistence_t)((lifetime) & 0x000000ff))
 #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)      \
    ((psa_key_location_t)((lifetime) >> 8))
 /** Whether a key lifetime indicates that the key is volatile.
 *
 * A volatile key is automatically destroyed by the implementation when
 * the application instance terminates. In particular, a volatile key
 * is automatically destroyed on a power reset of the device.
 *
 * A key that is not volatile is persistent. Persistent keys are
 * preserved until the application explicitly destroys them or until an
 * implementation-specific device management event occurs (for example,
 * a factory reset).
 *
 * \param lifetime      The lifetime value to query (value of type
 *                      ::psa_key_lifetime_t).
 *
 * \return \c 1 if the key is volatile, otherwise \c 0.
 */
 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)  \
    (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
     PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE)
 /** Construct a lifetime from a persistence level and a location.
 *
 * \param persistence   The persistence level
 *                      (value of type ::psa_key_persistence_t).
 * \param location      The location indicator
 *                      (value of type ::psa_key_location_t).
 *
 * \return The constructed lifetime value.
 */
 #define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
    ((location) << 8 | (persistence))
 /** The local storage area for persistent keys.
 *
 * This storage area is available on all systems that can store persistent
 * keys without delegating the storage to a third-party cryptoprocessor.
 *
 * See ::psa_key_location_t for more information.
 */
 #define PSA_KEY_LOCATION_LOCAL_STORAGE          ((psa_key_location_t)0x000000)
 #define PSA_KEY_LOCATION_VENDOR_FLAG            ((psa_key_location_t)0x800000)
 /** The minimum value for a key identifier chosen by the application.
 */
 #define PSA_KEY_ID_USER_MIN                     ((psa_app_key_id_t)0x00000001)
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@ -113,12 +113,6 @@ if(CMAKE_COMPILER_IS_CLANG)
    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
 endif(CMAKE_COMPILER_IS_CLANG)
 if(UNSAFE_BUILD)
    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error")
    set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error")
    set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error")
 endif(UNSAFE_BUILD)
 if(WIN32)
    set(libs ${libs} ws2_32)
 endif(WIN32)
--- a/library/error.c
+++ b/library/error.c
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@ -54,8 +54,7 @@
 #define IS_EINTR( ret ) ( ( ret ) == WSAEINTR )
-#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501)
+#if !defined(_WIN32_WINNT)
 #undef _WIN32_WINNT
 /* Enables getaddrinfo() & Co */
 #define _WIN32_WINNT 0x0501
 #endif
@ -64,6 +63,9 @@
 #include <winsock2.h>
 #include <windows.h>
 #if (_WIN32_WINNT < 0x0501)
 #include <wspiapi.h>
 #endif
 #if defined(_MSC_VER)
 #if defined(_WIN32_WCE)
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -375,55 +375,6 @@ static inline int psa_key_slot_is_external( const psa_key_slot_t *slot )
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 #if defined(MBEDTLS_ECP_C)
 psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
                                          size_t *bits )
 {
    switch( grpid )
    {
        case MBEDTLS_ECP_DP_SECP192R1:
            *bits = 192;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP224R1:
            *bits = 224;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP256R1:
            *bits = 256;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP384R1:
            *bits = 384;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_SECP521R1:
            *bits = 521;
            return( PSA_ECC_CURVE_SECP_R1 );
        case MBEDTLS_ECP_DP_BP256R1:
            *bits = 256;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP384R1:
            *bits = 384;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_BP512R1:
            *bits = 512;
            return( PSA_ECC_CURVE_BRAINPOOL_P_R1 );
        case MBEDTLS_ECP_DP_CURVE25519:
            *bits = 255;
            return( PSA_ECC_CURVE_MONTGOMERY );
        case MBEDTLS_ECP_DP_SECP192K1:
            *bits = 192;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP224K1:
            *bits = 224;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_SECP256K1:
            *bits = 256;
            return( PSA_ECC_CURVE_SECP_K1 );
        case MBEDTLS_ECP_DP_CURVE448:
            *bits = 448;
            return( PSA_ECC_CURVE_MONTGOMERY );
        default:
            return( 0 );
    }
 }
 mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve,
                                               size_t byte_length )
 {
--- a/library/psa_crypto_se.c
+++ b/library/psa_crypto_se.c
@ -64,16 +64,16 @@ typedef struct
    uintptr_t transient_data;
 } psa_drv_se_internal_context_t;
-typedef struct psa_se_drv_table_entry_s
+struct psa_se_drv_table_entry_s
 {
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
    const psa_drv_se_t *methods;
    union
    {
        psa_drv_se_internal_context_t internal;
        psa_drv_se_context_t context;
-    };
+    } u;
-} psa_se_drv_table_entry_t;
+};
 static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS];
@ -81,15 +81,16 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry(
    psa_key_lifetime_t lifetime )
 {
    size_t i;
-    /* In the driver table, lifetime=0 means an entry that isn't used.
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-     * No driver has a lifetime of 0 because it's a reserved value
+    /* In the driver table, location=0 means an entry that isn't used.
-     * (which designates volatile keys). Make sure we never return
+     * No driver has a location of 0 because it's a reserved value
-     * a driver entry for lifetime 0. */
+     * (which designates transparent keys). Make sure we never return
-    if( lifetime == 0 )
+     * a driver entry for location 0. */
    if( location == 0 )
        return( NULL );
    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
    {
-        if( driver_table[i].lifetime == lifetime )
+        if( driver_table[i].location == location )
            return( &driver_table[i] );
    }
    return( NULL );
@ -104,7 +105,7 @@ const psa_drv_se_t *psa_get_se_driver_methods(
 psa_drv_se_context_t *psa_get_se_driver_context(
    psa_se_drv_table_entry_t *driver )
 {
-    return( &driver->context );
+    return( &driver->u.context );
 }
 int psa_get_se_driver( psa_key_lifetime_t lifetime,
@ -115,7 +116,7 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime,
    if( p_methods != NULL )
        *p_methods = ( driver ? driver->methods : NULL );
    if( p_drv_context != NULL )
-        *p_drv_context = ( driver ? &driver->context : NULL );
+        *p_drv_context = ( driver ? &driver->u.context : NULL );
    return( driver != NULL );
 }
@ -129,17 +130,17 @@ static psa_status_t psa_get_se_driver_its_file_uid(
    const psa_se_drv_table_entry_t *driver,
    psa_storage_uid_t *uid )
 {
-    if( driver->lifetime > PSA_MAX_SE_LIFETIME )
+    if( driver->location > PSA_MAX_SE_LOCATION )
        return( PSA_ERROR_NOT_SUPPORTED );
 #if SIZE_MAX > UINT32_MAX
    /* ITS file sizes are limited to 32 bits. */
-    if( driver->internal.persistent_data_size > UINT32_MAX )
+    if( driver->u.internal.persistent_data_size > UINT32_MAX )
        return( PSA_ERROR_NOT_SUPPORTED );
 #endif
    /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */
-    *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->lifetime;
+    *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location;
    return( PSA_SUCCESS );
 }
@ -162,8 +163,8 @@ psa_status_t psa_load_se_persistent_data(
     * persistent_data_size is in range, but compilers don't know that,
     * so cast to reassure them. */
    return( psa_its_get( uid, 0,
-                         (uint32_t) driver->internal.persistent_data_size,
+                         (uint32_t) driver->u.internal.persistent_data_size,
-                         driver->internal.persistent_data,
+                         driver->u.internal.persistent_data,
                         &length ) );
 }
@ -181,17 +182,17 @@ psa_status_t psa_save_se_persistent_data(
     * persistent_data_size is in range, but compilers don't know that,
     * so cast to reassure them. */
    return( psa_its_set( uid,
-                         (uint32_t) driver->internal.persistent_data_size,
+                         (uint32_t) driver->u.internal.persistent_data_size,
-                         driver->internal.persistent_data,
+                         driver->u.internal.persistent_data,
                         0 ) );
 }
-psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime )
+psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location )
 {
    psa_storage_uid_t uid;
-    if( lifetime > PSA_MAX_SE_LIFETIME )
+    if( location > PSA_MAX_SE_LOCATION )
        return( PSA_ERROR_NOT_SUPPORTED );
-    uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime;
+    uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location;
    return( psa_its_remove( uid ) );
 }
@ -202,9 +203,11 @@ psa_status_t psa_find_se_slot_for_key(
    psa_key_slot_number_t *slot_number )
 {
    psa_status_t status;
    psa_key_location_t key_location =
        PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) );
-    /* If the lifetime is wrong, it's a bug in the library. */
+    /* If the location is wrong, it's a bug in the library. */
-    if( driver->lifetime != psa_get_key_lifetime( attributes ) )
+    if( driver->location != key_location )
        return( PSA_ERROR_CORRUPTION_DETECTED );
    /* If the driver doesn't support key creation in any way, give up now. */
@ -221,8 +224,8 @@ psa_status_t psa_find_se_slot_for_key(
            driver->methods->key_management->p_validate_slot_number;
        if( p_validate_slot_number == NULL )
            return( PSA_ERROR_NOT_SUPPORTED );
-        status = p_validate_slot_number( &driver->context,
+        status = p_validate_slot_number( &driver->u.context,
-                                         driver->internal.persistent_data,
+                                         driver->u.internal.persistent_data,
                                         attributes, method,
                                         *slot_number );
    }
@ -240,8 +243,8 @@ psa_status_t psa_find_se_slot_for_key(
            driver->methods->key_management->p_allocate;
        if( p_allocate == NULL )
            return( PSA_ERROR_NOT_SUPPORTED );
-        status = p_allocate( &driver->context,
+        status = p_allocate( &driver->u.context,
-                             driver->internal.persistent_data,
+                             driver->u.internal.persistent_data,
                             attributes, method,
                             slot_number );
    }
@ -265,8 +268,8 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver,
        driver->methods->key_management->p_destroy == NULL )
        return( PSA_ERROR_NOT_PERMITTED );
    status = driver->methods->key_management->p_destroy(
-        &driver->context,
+        &driver->u.context,
-        driver->internal.persistent_data,
+        driver->u.internal.persistent_data,
        slot_number );
    storage_status = psa_save_se_persistent_data( driver );
    return( status == PSA_SUCCESS ? storage_status : status );
@ -278,15 +281,15 @@ psa_status_t psa_init_all_se_drivers( void )
    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
    {
        psa_se_drv_table_entry_t *driver = &driver_table[i];
-        if( driver->lifetime == 0 )
+        if( driver->location == 0 )
            continue; /* skipping unused entry */
        const psa_drv_se_t *methods = psa_get_se_driver_methods( driver );
        if( methods->p_init != NULL )
        {
            psa_status_t status = methods->p_init(
-                &driver->context,
+                &driver->u.context,
-                driver->internal.persistent_data,
+                driver->u.internal.persistent_data,
-                driver->lifetime );
+                driver->location );
            if( status != PSA_SUCCESS )
                return( status );
            status = psa_save_se_persistent_data( driver );
@ -304,7 +307,7 @@ psa_status_t psa_init_all_se_drivers( void )
 /****************************************************************/
 psa_status_t psa_register_se_driver(
-    psa_key_lifetime_t lifetime,
+    psa_key_location_t location,
    const psa_drv_se_t *methods)
 {
    size_t i;
@ -313,42 +316,39 @@ psa_status_t psa_register_se_driver(
    if( methods->hal_version != PSA_DRV_SE_HAL_VERSION )
        return( PSA_ERROR_NOT_SUPPORTED );
    /* Driver table entries are 0-initialized. 0 is not a valid driver
-     * lifetime because it means a volatile key. */
+     * location because it means a transparent key. */
 #if defined(static_assert)
-    static_assert( PSA_KEY_LIFETIME_VOLATILE == 0,
+    static_assert( PSA_KEY_LOCATION_LOCAL_STORAGE == 0,
-                   "Secure element support requires 0 to mean a volatile key" );
+                   "Secure element support requires 0 to mean a local key" );
 #endif
-    if( lifetime == PSA_KEY_LIFETIME_VOLATILE ||
+    if( location == PSA_KEY_LOCATION_LOCAL_STORAGE )
        lifetime == PSA_KEY_LIFETIME_PERSISTENT )
    {
        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
+    if( location > PSA_MAX_SE_LOCATION )
    if( lifetime > PSA_MAX_SE_LIFETIME )
        return( PSA_ERROR_NOT_SUPPORTED );
    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
    {
-        if( driver_table[i].lifetime == 0 )
+        if( driver_table[i].location == 0 )
            break;
-        /* Check that lifetime isn't already in use up to the first free
+        /* Check that location isn't already in use up to the first free
         * entry. Since entries are created in order and never deleted,
         * there can't be a used entry after the first free entry. */
-        if( driver_table[i].lifetime == lifetime )
+        if( driver_table[i].location == location )
            return( PSA_ERROR_ALREADY_EXISTS );
    }
    if( i == PSA_MAX_SE_DRIVERS )
        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-    driver_table[i].lifetime = lifetime;
+    driver_table[i].location = location;
    driver_table[i].methods = methods;
-    driver_table[i].internal.persistent_data_size =
+    driver_table[i].u.internal.persistent_data_size =
        methods->persistent_data_size;
    if( methods->persistent_data_size != 0 )
    {
-        driver_table[i].internal.persistent_data =
+        driver_table[i].u.internal.persistent_data =
            mbedtls_calloc( 1, methods->persistent_data_size );
-        if( driver_table[i].internal.persistent_data == NULL )
+        if( driver_table[i].u.internal.persistent_data == NULL )
        {
            status = PSA_ERROR_INSUFFICIENT_MEMORY;
            goto error;
@ -373,8 +373,8 @@ void psa_unregister_all_se_drivers( void )
    size_t i;
    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
    {
-        if( driver_table[i].internal.persistent_data != NULL )
+        if( driver_table[i].u.internal.persistent_data != NULL )
-            mbedtls_free( driver_table[i].internal.persistent_data );
+            mbedtls_free( driver_table[i].u.internal.persistent_data );
    }
    memset( driver_table, 0, sizeof( driver_table ) );
 }
--- a/library/psa_crypto_se.h
+++ b/library/psa_crypto_se.h
@ -31,31 +31,30 @@
 #include "psa/crypto.h"
 #include "psa/crypto_se_driver.h"
-/** The maximum lifetime value that this implementation supports
+/** The maximum location value that this implementation supports
 * for a secure element.
 *
 * This is not a characteristic that each PSA implementation has, but a
 * limitation of the current implementation due to the constraints imposed
 * by storage. See #PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE.
 *
- * The minimum lifetime value for a secure element is 2, like on any
+ * The minimum location value for a secure element is 1, like on any
- * PSA implementation (0=volatile and 1=internal-storage are taken).
+ * PSA implementation (0 means a transparent key).
 */
-#define PSA_MAX_SE_LIFETIME 255
+#define PSA_MAX_SE_LOCATION 255
 /** The base of the range of ITS file identifiers for secure element
 * driver persistent data.
 *
 * We use a slice of the implemenation reserved range 0xffff0000..0xffffffff,
 * specifically the range 0xfffffe00..0xfffffeff. The length of this range
- * drives the value of #PSA_MAX_SE_LIFETIME.
+ * drives the value of #PSA_MAX_SE_LOCATION. The identifier 0xfffffe00 is
- * The identifiers 0xfffffe00 and 0xfffffe01 are actually not used since
+ * actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE
- * they correspond to #PSA_KEY_LIFETIME_VOLATILE and
+ * which doesn't have a driver.
 * #PSA_KEY_LIFETIME_PERSISTENT which don't have a driver.
 */
 #define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 )
-/** The maximum number of registered secure element driver lifetimes. */
+/** The maximum number of registered secure element driver locations. */
 #define PSA_MAX_SE_DRIVERS 4
 /** Unregister all secure element drivers.
@ -173,10 +172,10 @@ psa_status_t psa_save_se_persistent_data(
 *
 * This is currently only used for testing.
 *
- * \param[in] lifetime  The driver lifetime whose persistent data should
+ * \param[in] location  The location identifier for the driver whose
- *                      be erased.
+ *                      persistent data is to be erased.
 */
-psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime );
+psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location );
 /** The storage representation of a key whose data is in a secure element.
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -863,7 +863,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
    unsigned char *key2;
    unsigned char *mac_enc;
    unsigned char *mac_dec;
-    size_t mac_key_len;
+    size_t mac_key_len = 0;
    size_t iv_copy_len;
    unsigned keylen;
    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
@ -1175,7 +1175,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
 #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
    if( mbedtls_ssl_hw_record_init != NULL )
    {
-        int ret = 0;
+        ret = 0;
        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) );
@ -2747,9 +2747,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
    {
        ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
-        if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
+        if( authmode != MBEDTLS_SSL_VERIFY_OPTIONAL )
            ret = 0;
        else
            ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
        goto exit;
@ -6663,14 +6661,6 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *context,
 */
 void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
 {
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
    size_t in_buf_len = ssl->in_buf_len;
    size_t out_buf_len = ssl->out_buf_len;
 #else
    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
 #endif
    if( ssl == NULL )
        return;
@ -6678,6 +6668,12 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
    if( ssl->out_buf != NULL )
    {
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
        size_t out_buf_len = ssl->out_buf_len;
 #else
        size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
 #endif
        mbedtls_platform_zeroize( ssl->out_buf, out_buf_len );
        mbedtls_free( ssl->out_buf );
        ssl->out_buf = NULL;
@ -6685,6 +6681,12 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
    if( ssl->in_buf != NULL )
    {
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
        size_t in_buf_len = ssl->in_buf_len;
 #else
        size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
 #endif
        mbedtls_platform_zeroize( ssl->in_buf, in_buf_len );
        mbedtls_free( ssl->in_buf );
        ssl->in_buf = NULL;
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@ -76,7 +76,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C "
                    "and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C "
                    "not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -465,6 +465,6 @@ exit:
    mbedtls_aes_free( &aes_ctx );
    mbedtls_md_free( &sha_ctx );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@ -78,14 +78,15 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
 int main( int argc, char *argv[] )
 {
-    int ret = 1, i, n;
+    int ret = 1, i;
    unsigned n;
    int exit_code = MBEDTLS_EXIT_FAILURE;
    int mode;
    size_t keylen, ilen, olen;
@ -562,6 +563,6 @@ exit:
    mbedtls_cipher_free( &cipher_ctx );
    mbedtls_md_free( &md_ctx );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@ -48,7 +48,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -203,7 +203,7 @@ int main( int argc, char *argv[] )
        fflush( stdout ); getchar();
 #endif
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    /*
@ -213,12 +213,12 @@ int main( int argc, char *argv[] )
    if( md_info == NULL )
    {
        mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    if( mbedtls_md_setup( &md_ctx, md_info, 0 ) )
    {
        mbedtls_fprintf( stderr, "Failed to initialize context.\n" );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    ret = 0;
@ -237,6 +237,6 @@ int main( int argc, char *argv[] )
 exit:
    mbedtls_md_free( &md_ctx );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
--- a/programs/hash/hello.c
+++ b/programs/hash/hello.c
@ -44,7 +44,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -58,7 +58,7 @@ int main( void )
    mbedtls_printf( "\n  MD5('%s') = ", str );
    if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 )
-        return( MBEDTLS_EXIT_FAILURE );
+        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
    for( i = 0; i < 16; i++ )
        mbedtls_printf( "%02x", digest[i] );
@ -70,6 +70,6 @@ int main( void )
    fflush( stdout ); getchar();
 #endif
-    return( MBEDTLS_EXIT_SUCCESS );
+    mbedtls_exit( MBEDTLS_EXIT_SUCCESS );
 }
 #endif /* MBEDTLS_MD5_C */
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@ -68,7 +68,7 @@ int main( void )
           "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -307,7 +307,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@ -45,7 +45,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or "
           "MBEDTLS_GENPRIME not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -91,7 +91,7 @@ int main( int argc, char **argv )
    {
    usage:
        mbedtls_printf( USAGE );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    for( i = 1; i < argc; i++ )
@ -197,7 +197,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
          MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@ -68,7 +68,7 @@ int main( void )
           "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -330,7 +330,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
--- a/programs/pkey/ecdh_curve25519.c
+++ b/programs/pkey/ecdh_curve25519.c
@ -45,7 +45,7 @@ int main( void )
                    "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or "
                    "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
                    "not defined\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -238,7 +238,7 @@ exit:
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED &&
          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@ -66,7 +66,7 @@ int main( void )
 {
    mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
           "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
 #if defined(VERBOSE)
@ -248,7 +248,7 @@ exit:
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
          ECPARAMS */
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@ -133,7 +133,7 @@ int main( void )
            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
            "MBEDTLS_PEM_WRITE_C"
            "not defined.\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -446,7 +446,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
        * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@ -70,7 +70,7 @@ int main( void )
 {
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -311,6 +311,6 @@ cleanup:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@ -94,7 +94,7 @@
 int main( void )
 {
    mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -436,6 +436,6 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
--- a/programs/pkey/mpi_demo.c
+++ b/programs/pkey/mpi_demo.c
@ -46,7 +46,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -112,6 +112,6 @@ cleanup:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@ -56,7 +56,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
           "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -64,7 +64,8 @@ int main( void )
 int main( int argc, char *argv[] )
 {
    FILE *f;
-    int ret = 1, c;
+    int ret = 1;
    unsigned c;
    int exit_code = MBEDTLS_EXIT_FAILURE;
    size_t i, olen = 0;
    mbedtls_pk_context pk;
@ -171,7 +172,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/pk_encrypt.c
+++ b/programs/pkey/pk_encrypt.c
@ -57,7 +57,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
           "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -176,7 +176,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@ -47,7 +47,7 @@ int main( void )
           "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -173,7 +173,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@ -45,7 +45,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or "
           "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
           "MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -147,7 +147,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
--- a/programs/pkey/rsa_decrypt.c
+++ b/programs/pkey/rsa_decrypt.c
@ -55,7 +55,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -65,7 +65,7 @@ int main( int argc, char *argv[] )
    FILE *f;
    int ret = 1;
    int exit_code = MBEDTLS_EXIT_FAILURE;
-    int c;
+    unsigned c;
    size_t i;
    mbedtls_rsa_context rsa;
    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
@ -207,6 +207,6 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@ -55,7 +55,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -184,7 +184,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@ -59,7 +59,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or "
           "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -172,7 +172,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
          MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@ -46,7 +46,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_MD_C and/or "
            "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -188,7 +188,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
          MBEDTLS_FS_IO */
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@ -47,7 +47,7 @@ int main( void )
           "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -175,7 +175,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@ -45,7 +45,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_MD_C and/or "
            "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -59,7 +59,8 @@ int main( void )
 int main( int argc, char *argv[] )
 {
    FILE *f;
-    int ret = 1, c;
+    int ret = 1;
    unsigned c;
    int exit_code = MBEDTLS_EXIT_FAILURE;
    size_t i;
    mbedtls_rsa_context rsa;
@ -161,7 +162,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
          MBEDTLS_FS_IO */
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@ -47,7 +47,7 @@ int main( void )
           "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -151,7 +151,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
--- a/programs/random/gen_entropy.c
+++ b/programs/random/gen_entropy.c
@ -47,7 +47,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -63,13 +63,13 @@ int main( int argc, char *argv[] )
    if( argc < 2 )
    {
        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
    {
        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    mbedtls_entropy_init( &entropy );
@ -99,6 +99,6 @@ cleanup:
    fclose( f );
    mbedtls_entropy_free( &entropy );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_ENTROPY_C */
--- a/programs/random/gen_random_ctr_drbg.c
+++ b/programs/random/gen_random_ctr_drbg.c
@ -50,7 +50,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -69,13 +69,13 @@ int main( int argc, char *argv[] )
    if( argc < 2 )
    {
        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
    {
        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    mbedtls_entropy_init( &entropy );
@ -132,6 +132,6 @@ cleanup:
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
--- a/programs/random/gen_random_havege.c
+++ b/programs/random/gen_random_havege.c
@ -48,7 +48,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -65,13 +65,13 @@ int main( int argc, char *argv[] )
    if( argc < 2 )
    {
        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
    {
        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    mbedtls_havege_init( &hs );
@ -104,6 +104,6 @@ int main( int argc, char *argv[] )
 exit:
    mbedtls_havege_free( &hs );
    fclose( f );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_HAVEGE_C */
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@ -29,6 +29,7 @@
 #include "mbedtls/platform.h"
 #else
 #include <stdio.h>
 #include <stdlib.h>
 #define mbedtls_printf     printf
 #define mbedtls_fprintf    fprintf
 #define mbedtls_exit            exit
@ -48,7 +49,7 @@ int main( void )
            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
            "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -355,7 +356,7 @@ exit:
    if( ret < 0 )
        ret = 1;
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C &&
          MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@ -29,6 +29,7 @@
 #include "mbedtls/platform.h"
 #else
 #include <stdio.h>
 #include <stdlib.h>
 #define mbedtls_printf     printf
 #define mbedtls_fprintf    fprintf
 #define mbedtls_time_t     time_t
@ -61,7 +62,7 @@ int main( void )
            "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
            "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or "
            "MBEDTLS_TIMING_C not defined.\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -430,7 +431,7 @@ exit:
    if( ret < 0 )
        ret = 1;
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
          MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@ -60,7 +60,7 @@ int main( void )
    mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or "
            "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX "
            "not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -296,6 +296,6 @@ exit:
    mbedtls_x509_crt_free( &ca );
 #endif
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@ -51,7 +51,7 @@ int main( void )
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
           "not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -312,7 +312,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -50,7 +50,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -377,7 +377,9 @@ int main( void )
 #define USAGE_SERIALIZATION ""
 #endif
-#define USAGE \
+/* USAGE is arbitrarily split to stay under the portable string literal
 * length limit: 4095 bytes in C99. */
 #define USAGE1 \
    "\n usage: ssl_client2 param=<>...\n"                   \
    "\n acceptable parameters:\n"                           \
    "    server_name=%%s      default: localhost\n"         \
@ -401,7 +403,8 @@ int main( void )
    "\n"                                                    \
    USAGE_DTLS                                              \
    USAGE_CID                                               \
-    "\n"                                                    \
+    "\n"
 #define USAGE2 \
    "    auth_mode=%%s        default: (library default: none)\n" \
    "                        options: none, optional, required\n" \
    USAGE_IO                                                \
@ -411,7 +414,8 @@ int main( void )
    USAGE_PSK                                               \
    USAGE_ECJPAKE                                           \
    USAGE_ECRESTART                                         \
-    "\n"                                                    \
+    "\n"
 #define USAGE3 \
    "    allow_legacy=%%d     default: (library default: no)\n"   \
    USAGE_RENEGO                                            \
    "    exchanges=%%d        default: 1\n"                 \
@ -434,7 +438,8 @@ int main( void )
    USAGE_CURVES                                            \
    USAGE_RECSPLIT                                          \
    USAGE_DHMLEN                                            \
-    "\n"                                                    \
+    "\n"
 #define USAGE4 \
    "    arc4=%%d             default: (library default: 0)\n" \
    "    allow_sha1=%%d       default: 0\n"                             \
    "    min_version=%%s      default: (library default: tls1)\n"       \
@ -1244,7 +1249,10 @@ int main( int argc, char *argv[] )
        if( ret == 0 )
            ret = 1;
-        mbedtls_printf( USAGE );
+        mbedtls_printf( USAGE1 );
        mbedtls_printf( USAGE2 );
        mbedtls_printf( USAGE3 );
        mbedtls_printf( USAGE4 );
        list = mbedtls_ssl_list_ciphersuites();
        while( *list )
@ -1710,7 +1718,7 @@ int main( int argc, char *argv[] )
        }
        else if( strcmp( p, "query_config" ) == 0 )
        {
-            return query_config( q );
+            mbedtls_exit( query_config( q ) );
        }
        else if( strcmp( p, "serialize") == 0 )
        {
@ -3417,7 +3425,7 @@ exit:
    if( ret < 0 )
        ret = 1;
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@ -54,14 +54,14 @@ int main( int argc, char *argv[] )
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
           "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #elif defined(_WIN32)
 int main( void )
 {
    mbedtls_printf("_WIN32 defined. This application requires fork() and signals "
           "to work correctly.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -417,7 +417,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@ -56,7 +56,7 @@ int main( void )
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
           "not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -853,7 +853,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@ -54,7 +54,7 @@ int main( void )
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
           "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD "
           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -524,7 +524,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@ -52,7 +52,7 @@ int main( void )
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -397,7 +397,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -50,7 +50,7 @@ int main( void )
    mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -463,7 +463,9 @@ int main( void )
 #define USAGE_SERIALIZATION ""
 #endif
-#define USAGE \
+/* USAGE is arbitrarily split to stay under the portable string literal
 * length limit: 4095 bytes in C99. */
 #define USAGE1 \
    "\n usage: ssl_server2 param=<>...\n"                   \
    "\n acceptable parameters:\n"                           \
    "    server_addr=%%s      default: (all interfaces)\n"  \
@ -484,7 +486,8 @@ int main( void )
    USAGE_COOKIES                                           \
    USAGE_ANTI_REPLAY                                       \
    USAGE_BADMAC_LIMIT                                      \
-    "\n"                                                    \
+    "\n"
 #define USAGE2 \
    "    auth_mode=%%s        default: (library default: none)\n"      \
    "                        options: none, optional, required\n" \
    "    cert_req_ca_list=%%d default: 1 (send ca list)\n"  \
@ -496,7 +499,8 @@ int main( void )
    USAGE_PSK                                               \
    USAGE_CA_CALLBACK                                       \
    USAGE_ECJPAKE                                           \
-    "\n"                                                    \
+    "\n"
 #define USAGE3 \
    "    allow_legacy=%%d     default: (library default: no)\n"      \
    USAGE_RENEGO                                            \
    "    exchanges=%%d        default: 1\n"                 \
@ -513,7 +517,8 @@ int main( void )
    USAGE_EMS                                               \
    USAGE_ETM                                               \
    USAGE_CURVES                                            \
-    "\n"                                                    \
+    "\n"
 #define USAGE4 \
    "    arc4=%%d             default: (library default: 0)\n" \
    "    allow_sha1=%%d       default: 0\n"                             \
    "    min_version=%%s      default: (library default: tls1)\n"       \
@ -1910,7 +1915,10 @@ int main( int argc, char *argv[] )
        if( ret == 0 )
            ret = 1;
-        mbedtls_printf( USAGE );
+        mbedtls_printf( USAGE1 );
        mbedtls_printf( USAGE2 );
        mbedtls_printf( USAGE3 );
        mbedtls_printf( USAGE4 );
        list = mbedtls_ssl_list_ciphersuites();
        while( *list )
@ -2409,7 +2417,7 @@ int main( int argc, char *argv[] )
        }
        else if( strcmp( p, "query_config" ) == 0 )
        {
-            return query_config( q );
+            mbedtls_exit( query_config( q ) );
        }
        else if( strcmp( p, "serialize") == 0 )
        {
@ -4376,7 +4384,7 @@ exit:
    if( ret < 0 )
        ret = 1;
-    return( ret );
+    mbedtls_exit( ret );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@ -38,7 +38,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_TIMING_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -101,7 +101,7 @@ int main( void )
 #define OPTIONS                                                         \
    "md4, md5, ripemd160, sha1, sha256, sha512,\n"                      \
    "arc4, des3, des, camellia, blowfish, chacha20,\n"                  \
-    "aes_cbc, aes_gcm, aes_ccm, aes_ctx, chachapoly,\n"                 \
+    "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n"                 \
    "aes_cmac, des3_cmac, poly1305\n"                                   \
    "havege, ctr_drbg, hmac_drbg\n"                                     \
    "rsa, dhm, ecdsa, ecdh.\n"
@ -1065,7 +1065,7 @@ int main( int argc, char *argv[] )
    fflush( stdout ); getchar();
 #endif
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #endif /* MBEDTLS_TIMING_C */
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@ -500,7 +500,5 @@ int main( int argc, char *argv[] )
    if( suites_failed > 0)
        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-    /* return() is here to prevent compiler warnings */
+    mbedtls_exit( MBEDTLS_EXIT_SUCCESS );
    return( MBEDTLS_EXIT_SUCCESS );
 }
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@ -42,6 +42,7 @@
 #define mbedtls_printf          printf
 #define mbedtls_calloc          calloc
 #define mbedtls_free            free
 #define mbedtls_exit            exit
 #define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
 #define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
 #endif /* MBEDTLS_PLATFORM_C */
@ -50,7 +51,7 @@
 int main( void )
 {
    mbedtls_printf( "MBEDTLS_NET_C not defined.\n" );
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -181,7 +182,7 @@ static void exit_usage( const char *name, const char *value )
        mbedtls_printf( " option %s: illegal value: %s\n", name, value );
    mbedtls_printf( USAGE );
-    exit( 1 );
+    mbedtls_exit( 1 );
 }
 static void get_options( int argc, char *argv[] )
@ -1019,7 +1020,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_NET_C */
--- a/programs/test/zeroize.c
+++ b/programs/test/zeroize.c
@ -42,6 +42,7 @@
 #else
 #include <stdlib.h>
 #define mbedtls_printf     printf
 #define mbedtls_exit       exit
 #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
 #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
 #endif
@ -72,14 +73,14 @@ int main( int argc, char** argv )
    {
        mbedtls_printf( "This program takes exactly 1 agument\n" );
        usage();
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    fp = fopen( argv[1], "r" );
    if( fp == NULL )
    {
        mbedtls_printf( "Could not open file '%s'\n", argv[1] );
-        return( exit_code );
+        mbedtls_exit( exit_code );
    }
    while( ( c = fgetc( fp ) ) != EOF && p < end - 1 )
@ -97,5 +98,5 @@ int main( int argc, char** argv )
    fclose( fp );
    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
--- a/programs/util/pem2der.c
+++ b/programs/util/pem2der.c
@ -61,7 +61,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -290,6 +290,6 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */
--- a/programs/util/strerror.c
+++ b/programs/util/strerror.c
@ -29,7 +29,9 @@
 #include "mbedtls/platform.h"
 #else
 #include <stdio.h>
 #include <stdlib.h>
 #define mbedtls_printf     printf
 #define mbedtls_exit       exit
 #endif
 #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
@ -48,7 +50,7 @@
 int main( void )
 {
    mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
 int main( int argc, char *argv[] )
@ -59,7 +61,7 @@ int main( int argc, char *argv[] )
    if( argc != 2 )
    {
        mbedtls_printf( USAGE );
-        return( 0 );
+        mbedtls_exit( 0 );
    }
    val = strtol( argv[1], &end, 10 );
@ -87,6 +89,6 @@ int main( int argc, char *argv[] )
    fflush( stdout ); getchar();
 #endif
-    return( val );
+    mbedtls_exit( val );
 }
 #endif /* MBEDTLS_ERROR_C */
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@ -51,7 +51,7 @@ int main( void )
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -497,7 +497,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@ -46,7 +46,7 @@ int main( void )
            "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
            "not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -444,7 +444,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@ -47,7 +47,7 @@ int main( void )
            "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or "
            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
            "MBEDTLS_ERROR_C not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -815,7 +815,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
          MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@ -42,7 +42,7 @@ int main( void )
 {
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -147,7 +147,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
          MBEDTLS_FS_IO */
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@ -42,7 +42,7 @@ int main( void )
 {
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    return( 0 );
+    mbedtls_exit( 0 );
 }
 #else
@ -147,7 +147,7 @@ exit:
    fflush( stdout ); getchar();
 #endif
-    return( exit_code );
+    mbedtls_exit( exit_code );
 }
 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
          MBEDTLS_FS_IO */
--- a/scripts/config.py
+++ b/scripts/config.py
@ -159,45 +159,68 @@ def realfull_adapter(_name, active, section):
        return active
    return True
 # The goal of the full configuration is to have everything that can be tested
 # together. This includes deprecated or insecure options. It excludes:
 # * Options that require additional build dependencies or unusual hardware.
 # * Options that make testing less effective.
 # * Options that are incompatible with other options, or more generally that
 #   interact with other parts of the code in such a way that a bulk enabling
 #   is not a good way to test them.
 # * Options that remove features.
 EXCLUDE_FROM_FULL = frozenset([
    #pylint: disable=line-too-long
    'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256
    'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
    'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
    'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
    'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO
    'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
    'MBEDTLS_HAVE_SSE2', # hardware dependency
    'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C
    'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # makes sanitizers (e.g. ASan) less effective
    'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C
    'MBEDTLS_NO_64BIT_MULTIPLICATION', # influences anything that uses bignum
    'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature
    'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature
    'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum
    'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper)
    'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
    'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # platform dependency (PSA SPM) (at this time)
    'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM)
    'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions)
    'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature
    'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', # removes a feature
    'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS
    'MBEDTLS_SHA512_NO_SHA384', # removes a feature
    'MBEDTLS_SSL_HW_RECORD_ACCEL', # build dependency (hook functions)
    'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature
    'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
    'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz)
 ])
 def is_seamless_alt(name):
    """Whether the xxx_ALT symbol should be included in the full configuration.
    Include alternative implementations of platform functions, which are
    configurable function pointers that default to the built-in function.
    This way we test that the function pointers exist and build correctly
    without changing the behavior, and tests can verify that the function
    pointers are used by modifying those pointers.
    Exclude alternative implementations of library functions since they require
    an implementation of the relevant functions and an xxx_alt.h header.
    """
    if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT':
        # Similar to non-platform xxx_ALT, requires platform_alt.h
        return False
    return name.startswith('MBEDTLS_PLATFORM_')
 def include_in_full(name):
    """Rules for symbols in the "full" configuration."""
-    if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name):
+    if name in EXCLUDE_FROM_FULL:
        return True
    if name in [
            'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY',
            'MBEDTLS_DEPRECATED_REMOVED',
            'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED',
            'MBEDTLS_ECP_RESTARTABLE',
            'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately
            'MBEDTLS_HAVE_SSE2',
            'MBEDTLS_MEMORY_BACKTRACE',
            'MBEDTLS_MEMORY_BUFFER_ALLOC_C',
            'MBEDTLS_MEMORY_DEBUG',
            'MBEDTLS_NO_64BIT_MULTIPLICATION',
            'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES',
            'MBEDTLS_NO_PLATFORM_ENTROPY',
            'MBEDTLS_NO_UDBL_DIVISION',
            'MBEDTLS_PKCS11_C',
            'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS',
            'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER',
            'MBEDTLS_PSA_CRYPTO_SE_C',
            'MBEDTLS_PSA_CRYPTO_SPM',
            'MBEDTLS_PSA_INJECT_ENTROPY',
            'MBEDTLS_REMOVE_3DES_CIPHERSUITES',
            'MBEDTLS_REMOVE_ARC4_CIPHERSUITES',
            'MBEDTLS_RSA_NO_CRT',
            'MBEDTLS_SHA512_NO_SHA384',
            'MBEDTLS_SSL_HW_RECORD_ACCEL',
            'MBEDTLS_SSL_PROTO_SSL3',
            'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO',
            'MBEDTLS_TEST_NULL_ENTROPY',
            'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3',
            'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION',
            'MBEDTLS_ZLIB_SUPPORT',
    ]:
        return False
    if name.endswith('_ALT'):
-        return False
+        return is_seamless_alt(name)
    return True
 def full_adapter(name, active, section):
@ -206,25 +229,33 @@ def full_adapter(name, active, section):
        return active
    return include_in_full(name)
 # The baremetal configuration excludes options that require a library or
 # operating system feature that is typically not present on bare metal
 # systems. Features that are excluded from "full" won't be in "baremetal"
 # either (unless explicitly turned on in baremetal_adapter) so they don't
 # need to be repeated here.
 EXCLUDE_FROM_BAREMETAL = frozenset([
    #pylint: disable=line-too-long
    'MBEDTLS_ENTROPY_NV_SEED', # requires a filesystem and FS_IO or alternate NV seed hooks
    'MBEDTLS_FS_IO', # requires a filesystem
    'MBEDTLS_HAVEGE_C', # requires a clock
    'MBEDTLS_HAVE_TIME', # requires a clock
    'MBEDTLS_HAVE_TIME_DATE', # requires a clock
    'MBEDTLS_NET_C', # requires POSIX-like networking
    'MBEDTLS_PLATFORM_FPRINTF_ALT', # requires FILE* from stdio.h
    'MBEDTLS_PLATFORM_NV_SEED_ALT', # requires a filesystem and ENTROPY_NV_SEED
    'MBEDTLS_PLATFORM_TIME_ALT', # requires a clock and HAVE_TIME
    'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem and PSA_CRYPTO_STORAGE_C
    'MBEDTLS_PSA_CRYPTO_STORAGE_C', # requires a filesystem
    'MBEDTLS_PSA_ITS_FILE_C', # requires a filesystem
    'MBEDTLS_THREADING_C', # requires a threading interface
    'MBEDTLS_THREADING_PTHREAD', # requires pthread
    'MBEDTLS_TIMING_C', # requires a clock
 ])
 def keep_in_baremetal(name):
    """Rules for symbols in the "baremetal" configuration."""
-    if name in [
+    if name in EXCLUDE_FROM_BAREMETAL:
            'MBEDTLS_DEPRECATED_WARNING',
            'MBEDTLS_ENTROPY_NV_SEED',
            'MBEDTLS_FS_IO',
            'MBEDTLS_HAVEGE_C',
            'MBEDTLS_HAVE_TIME',
            'MBEDTLS_HAVE_TIME_DATE',
            'MBEDTLS_NET_C',
            'MBEDTLS_PLATFORM_FPRINTF_ALT',
            'MBEDTLS_PLATFORM_TIME_ALT',
            'MBEDTLS_PSA_CRYPTO_SE_C',
            'MBEDTLS_PSA_CRYPTO_STORAGE_C',
            'MBEDTLS_PSA_ITS_FILE_C',
            'MBEDTLS_THREADING_C',
            'MBEDTLS_THREADING_PTHREAD',
            'MBEDTLS_TIMING_C',
    ]:
        return False
    return True
@ -233,6 +264,7 @@ def baremetal_adapter(name, active, section):
    if not is_full_section(section):
        return active
    if name == 'MBEDTLS_NO_PLATFORM_ENTROPY':
        # No OS-provided entropy source
        return True
    return include_in_full(name) and keep_in_baremetal(name)
@ -243,10 +275,10 @@ def include_in_crypto(name):
       name.startswith('MBEDTLS_KEY_EXCHANGE_'):
        return False
    if name in [
-            'MBEDTLS_CERTS_C',
+            'MBEDTLS_CERTS_C', # part of libmbedx509
-            'MBEDTLS_DEBUG_C',
+            'MBEDTLS_DEBUG_C', # part of libmbedtls
-            'MBEDTLS_NET_C',
+            'MBEDTLS_NET_C', # part of libmbedtls
-            'MBEDTLS_PKCS11_C',
+            'MBEDTLS_PKCS11_C', # part of libmbedx509
    ]:
        return False
    return True
@ -265,6 +297,28 @@ def crypto_adapter(adapter):
        return adapter(name, active, section)
    return continuation
 DEPRECATED = frozenset([
    'MBEDTLS_SSL_PROTO_SSL3',
    'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO',
 ])
 def no_deprecated_adapter(adapter):
    """Modify an adapter to disable deprecated symbols.
    ``no_deprecated_adapter(adapter)(name, active, section)`` is like
    ``adapter(name, active, section)``, but unsets all deprecated symbols
    and sets ``MBEDTLS_DEPRECATED_REMOVED``.
    """
    def continuation(name, active, section):
        if name == 'MBEDTLS_DEPRECATED_REMOVED':
            return True
        if name in DEPRECATED:
            return False
        if adapter is None:
            return active
        return adapter(name, active, section)
    return continuation
 class ConfigFile(Config):
    """Representation of the Mbed TLS configuration read for a file.
@ -430,6 +484,10 @@ if __name__ == '__main__':
                    Exclude alternative implementations and platform support
                    options, as well as some options that are awkward to test.
                    """)
        add_adapter('full_no_deprecated', no_deprecated_adapter(full_adapter),
                    """Uncomment most non-deprecated features.
                    Like "full", but without deprecated features.
                    """)
        add_adapter('realfull', realfull_adapter,
                    """Uncomment all boolean #defines.
                    Suitable for generating documentation, but not for building.""")
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@ -45,7 +45,6 @@ HEADER_INCLUDED
 const char * mbedtls_high_level_strerr( int error_code )
 {
    int high_level_error_code;
    const char *error_description = NULL;
    if( error_code < 0 )
        error_code = -error_code;
@ -63,13 +62,12 @@ HIGH_LEVEL_CODE_CHECKS
            break;
    }
-    return error_description;
+    return( NULL );
 }
 const char * mbedtls_low_level_strerr( int error_code )
 {
    int low_level_error_code;
    const char *error_description = NULL;
    if( error_code < 0 )
        error_code = -error_code;
@ -87,7 +85,7 @@ LOW_LEVEL_CODE_CHECKS
            break;
    }
-    return error_description;
+    return( NULL );
 }
 void mbedtls_strerror( int ret, char *buf, size_t buflen )
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@ -161,8 +161,7 @@ foreach my $line (@matches)
    }
    ${$code_check} .= "${white_space}case -($error_name):\n".
-                      "${white_space}    error_description = \"$module_name - $description\";\n".
+                      "${white_space}    return( \"$module_name - $description\" );\n"
                      "${white_space}    break;\n"
 };
 if ($ll_old_define ne "")
--- a/scripts/windows_msbuild.bat
+++ b/scripts/windows_msbuild.bat
@ -0,0 +1,20 @@
@rem Build and test Mbed TLS with Visual Studio using msbuild.
@rem Usage: windows_msbuild [RETARGET]
@rem   RETARGET: version of Visual Studio to emulate
@rem             https://docs.microsoft.com/en-us/cpp/build/how-to-modify-the-target-framework-and-platform-toolset
@rem These parameters are hard-coded for now.
 set "arch=x64" & @rem "x86" or "x64"
 set "cfg=Release" & @rem "Debug" or "Release"
 set "vcvarsall=C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvarsall.bat"
 if not "%~1"=="" set "retarget=,PlatformToolset=%1"
@rem If the %USERPROFILE%\Source directory exists, then running
@rem vcvarsall.bat will silently change the directory to that directory.
@rem Setting the VSCMD_START_DIR environment variable causes it to change
@rem to that directory instead.
 set "VSCMD_START_DIR=%~dp0\..\visualc\VS2010"
 "%vcvarsall%" x64 && ^
 msbuild /t:Rebuild /p:Configuration=%cfg%%retarget% /m mbedTLS.sln
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@ -138,6 +138,7 @@ pre_initialize_variables () {
    : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
    : ${ARMC5_BIN_DIR:=/usr/bin}
    : ${ARMC6_BIN_DIR:=/usr/bin}
    : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-}
    # if MAKEFLAGS is not set add the -j option to speed up invocations of make
    if [ -z "${MAKEFLAGS+set}" ]; then
@ -203,6 +204,9 @@ General options:
  -k|--keep-going       Run all tests and report errors at the end.
  -m|--memory           Additional optional memory tests.
     --append-outcome   Append to the outcome file (if used).
     --arm-none-eabi-gcc-prefix=<string>
                        Prefix for a cross-compiler for arm-none-eabi
                        (default: "${ARM_NONE_EABI_GCC_PREFIX}")
     --armcc            Run ARM Compiler builds (on by default).
     --except           Exclude the COMPONENTs listed on the command line,
                        instead of running only those.
@ -295,9 +299,13 @@ armc6_build_test()
 {
    FLAGS="$1"
-    msg "build: ARM Compiler 6 ($FLAGS), make"
+    msg "build: ARM Compiler 6 ($FLAGS)"
    ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
                    WARNING_CFLAGS='-xc -std=c99' make lib
    msg "size: ARM Compiler 6 ($FLAGS)"
    "$ARMC6_FROMELF" -z library/*.o
    make clean
 }
@ -335,6 +343,7 @@ pre_parse_command_line () {
    while [ $# -gt 0 ]; do
        case "$1" in
            --append-outcome) append_outcome=1;;
            --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
            --armcc) no_armcc=;;
            --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
            --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
@ -547,7 +556,7 @@ pre_check_tools () {
    esac
    case " $RUN_COMPONENTS " in
-        *_arm_none_eabi_gcc[_\ ]*) check_tools "arm-none-eabi-gcc";;
+        *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";;
    esac
    case " $RUN_COMPONENTS " in
@ -562,9 +571,12 @@ pre_check_tools () {
        *_armcc*)
            ARMC5_CC="$ARMC5_BIN_DIR/armcc"
            ARMC5_AR="$ARMC5_BIN_DIR/armar"
            ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf"
            ARMC6_CC="$ARMC6_BIN_DIR/armclang"
            ARMC6_AR="$ARMC6_BIN_DIR/armar"
-            check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";;
+            ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf"
            check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \
                        "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";;
    esac
    msg "info: output_env.sh"
@ -645,7 +657,7 @@ component_test_default_out_of_box () {
    make test
    msg "selftest: make, default config (out-of-box)" # ~10s
-    programs/test/selftest
+    if_build_succeeded programs/test/selftest
    export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE"
    unset SAVE_MBEDTLS_TEST_OUTCOME_FILE
@ -659,6 +671,9 @@ component_test_default_cmake_gcc_asan () {
    msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
    make test
    msg "test: selftest (ASan build)" # ~ 10s
    if_build_succeeded programs/test/selftest
    msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
    if_build_succeeded tests/ssl-opt.sh
@ -678,6 +693,9 @@ component_test_full_cmake_gcc_asan () {
    msg "test: main suites (inc. selftests) (full config, ASan build)"
    make test
    msg "test: selftest (ASan build)" # ~ 10s
    if_build_succeeded programs/test/selftest
    msg "test: ssl-opt.sh (full config, ASan build)"
    if_build_succeeded tests/ssl-opt.sh
@ -909,26 +927,58 @@ component_test_full_cmake_clang () {
    if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 }
-component_build_deprecated () {
+component_test_default_no_deprecated () {
-    msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
+    # Test that removing the deprecated features from the default
    # configuration leaves something consistent.
    msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s
    scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
    msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s
    make test
 }
 component_test_full_no_deprecated () {
    msg "build: make, full_no_deprecated config" # ~ 30s
    scripts/config.py full_no_deprecated
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
    msg "test: make, full_no_deprecated config" # ~ 5s
    make test
 }
 component_test_full_no_deprecated_deprecated_warning () {
    # Test that there is nothing deprecated in "full_no_deprecated".
    # A deprecated feature would trigger a warning (made fatal) from
    # MBEDTLS_DEPRECATED_WARNING.
    msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s
    scripts/config.py full_no_deprecated
    scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
    msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
    make test
 }
 component_test_full_deprecated_warning () {
    # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes
    # with only certain whitelisted types of warnings.
    msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
    scripts/config.py full
    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
-    # Build with -O -Wextra to catch a maximum of issues.
+    # Expect warnings from '#warning' directives in check_config.h.
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
-    msg "test: make, full config + DEPRECATED_WARNING, expect warnings" # ~ 30s
+    msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
-    make -C tests clean
+    # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features.
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -DMBEDTLS_TEST_DEPRECATED' tests
+    # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set.
    # Expect warnings from '#warning' directives in check_config.h and
    # from the use of deprecated functions in test suites.
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests
-    msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s
+    msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s
-    # No cleanup, just tweak the configuration and rebuild
+    make test
    make clean
    scripts/config.py unset MBEDTLS_DEPRECATED_WARNING
    scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
    # Build with -O -Wextra to catch a maximum of issues.
    make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs
    make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
 }
 # Check that the specified libraries exist and are empty.
@ -997,6 +1047,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() {
    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make
@ -1035,6 +1086,7 @@ component_test_check_params_without_platform () {
    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
@ -1064,6 +1116,7 @@ component_test_no_platform () {
    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
    scripts/config.py unset MBEDTLS_FS_IO
    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
@ -1081,6 +1134,7 @@ component_build_no_std_function () {
    scripts/config.py full
    scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
 }
@ -1270,6 +1324,7 @@ component_test_null_entropy () {
    scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
    scripts/config.py set MBEDTLS_ENTROPY_C
    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
    scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
    scripts/config.py unset MBEDTLS_HAVEGE_C
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
@ -1387,16 +1442,6 @@ component_test_se_default () {
    make test
 }
 component_test_se_full () {
    msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C"
    scripts/config.py full
    scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C
    make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
    msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C"
    make test
 }
 component_test_make_shared () {
    msg "build/test: make shared" # ~ 40s
    make SHARED=1 all check
@ -1415,7 +1460,7 @@ test_build_opt () {
    info=$1 cc=$2; shift 2
    for opt in "$@"; do
          msg "build/test: $cc $opt, $info" # ~ 30s
-          make CC="$cc" CFLAGS="$opt -Wall -Wextra -Werror"
+          make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
          # We're confident enough in compilers to not run _all_ the tests,
          # but at least run the unit tests. In particular, runs with
          # optimizations use inline assembly whereas runs with -O0
@ -1566,45 +1611,63 @@ component_test_no_64bit_multiplication () {
 }
 component_build_arm_none_eabi_gcc () {
-    msg "build: arm-none-eabi-gcc, make" # ~ 10s
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s
    scripts/config.py baremetal
-    make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -O1' lib
    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
 }
 component_build_arm_none_eabi_gcc_arm5vte () {
-    msg "build: arm-none-eabi-gcc -march=arm5vte, make" # ~ 10s
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s
    scripts/config.py baremetal
    # Build for a target platform that's close to what Debian uses
    # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
    # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments.
    # It would be better to build with arm-linux-gnueabi-gcc but
    # we don't have that on our CI at this time.
-    make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
 }
 component_build_arm_none_eabi_gcc_m0plus () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus" # ~ 10s
    scripts/config.py baremetal
    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib
    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
 }
 component_build_arm_none_eabi_gcc_no_udbl_division () {
-    msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
    scripts/config.py baremetal
    scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
-    make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib
    echo "Checking that software 64-bit division is not required"
    if_build_succeeded not grep __aeabi_uldiv library/*.o
 }
 component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
-    msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
    scripts/config.py baremetal
    scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
-    make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
    echo "Checking that software 64-bit multiplication is not required"
    if_build_succeeded not grep __aeabi_lmul library/*.o
 }
 component_build_armcc () {
-    msg "build: ARM Compiler 5, make"
+    msg "build: ARM Compiler 5"
    scripts/config.py baremetal
    make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
    msg "size: ARM Compiler 5"
    "$ARMC5_FROMELF" -z library/*.o
    make clean
    # ARM Compiler 6 - Target ARMv7-A
--- a/tests/scripts/basic-build-test.sh
+++ b/tests/scripts/basic-build-test.sh
@ -68,10 +68,6 @@ export LDFLAGS=' --coverage'
 make clean
 cp "$CONFIG_H" "$CONFIG_BAK"
 scripts/config.py full
 # Enable some deprecated or experimental features that are not in the
 # full config, but are compatible with it and have tests.
 scripts/config.py set MBEDTLS_SSL_PROTO_SSL3
 scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C
 make -j
--- a/tests/scripts/check-files.py
+++ b/tests/scripts/check-files.py
@ -103,7 +103,7 @@ class LineIssueTracker(FileIssueTracker):
 def is_windows_file(filepath):
    _root, ext = os.path.splitext(filepath)
-    return ext in ('.dsp', '.sln', '.vcxproj')
+    return ext in ('.bat', '.dsp', '.sln', '.vcxproj')
 class PermissionIssueTracker(FileIssueTracker):
@ -224,6 +224,7 @@ class IntegrityChecker:
        self.logger = None
        self.setup_logger(log_file)
        self.extensions_to_check = (
            ".bat",
            ".c",
            ".data",
            ".dsp",
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@ -551,7 +551,7 @@ int execute_tests( int argc , const char ** argv )
        return( 1 );
    }
-    if( outcome_file_name != NULL )
+    if( outcome_file_name != NULL && *outcome_file_name != '\0' )
    {
        outcome_file = fopen( outcome_file_name, "a" );
        if( outcome_file == NULL )
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@ -19,6 +19,12 @@
 *  This file is part of Mbed TLS (https://tls.mbed.org)
 */
 #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
 #if !defined(_POSIX_C_SOURCE)
 #define _POSIX_C_SOURCE 1 // for fileno() from <stdio.h>
 #endif
 #endif
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include <mbedtls/config.h>
 #else
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@ -1,6 +1,7 @@
 /* BEGIN_HEADER */
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
 #include "mbedtls/md.h"
 #include "string.h"
 typedef enum
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@ -6,14 +6,11 @@ register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS
 Register SE driver: good, again
 register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS
-Register SE driver: invalid lifetime (0)
+Register SE driver: invalid location (0)
 register_one:0:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT
-Register SE driver: invalid lifetime (VOLATILE)
+Register SE driver: invalid location (local)
-register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT
+register_one:PSA_KEY_LOCATION_LOCAL_STORAGE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT
 Register SE driver: invalid lifetime (PERSISTENT)
 register_one:PSA_KEY_LIFETIME_PERSISTENT:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT
 Register SE driver: invalid version (ancient)
 register_one:2:0x00000003:PSA_ERROR_NOT_SUPPORTED
@ -121,7 +118,7 @@ Key generation smoke test: HMAC-SHA-256
 generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 )
 Key registration: smoke test
-register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:PSA_SUCCESS
 Key registration: invalid lifetime (volatile)
 register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
@ -130,13 +127,13 @@ Key registration: invalid lifetime (internal storage)
 register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT
 Key registration: invalid lifetime (no registered driver)
-register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:PSA_ERROR_INVALID_ARGUMENT
 Key registration: rejected
-register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:0:PSA_ERROR_NOT_PERMITTED
 Key registration: not supported
-register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED
 Import-sign-verify: sign in driver, ECDSA
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@ -18,8 +18,14 @@
 /* Test driver helpers */
 /****************************************************************/
-/** The minimum valid lifetime value for a secure element driver. */
+/** The minimum valid location value for a secure element driver. */
-#define MIN_DRIVER_LIFETIME 2
+#define MIN_DRIVER_LOCATION 1
 /** The location and lifetime used for tests that use a single driver. */
 #define TEST_DRIVER_LOCATION 1
 #define TEST_SE_PERSISTENT_LIFETIME                             \
    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
        PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
 /** The driver detected a condition that shouldn't happen.
 * This is probably a bug in the library. */
@ -547,7 +553,7 @@ static int check_key_attributes(
            psa_get_key_lifetime( &actual_attributes );
        psa_status_t status = psa_get_key_slot_number( &actual_attributes,
                                                       &actual_slot_number );
-        if( lifetime < MIN_DRIVER_LIFETIME )
+        if( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) < MIN_DRIVER_LOCATION )
        {
            /* The key is not in a secure element. */
            TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
@ -571,23 +577,23 @@ exit:
    return( ok );
 }
-/* Get the file UID corresponding to the specified lifetime.
+/* Get the file UID corresponding to the specified location.
 * If this changes, the storage format version must change.
 * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c.
 */
-psa_storage_uid_t file_uid_for_lifetime( psa_key_lifetime_t lifetime )
+psa_storage_uid_t file_uid_for_location( psa_key_location_t location )
 {
-    if( lifetime > PSA_MAX_SE_LIFETIME )
+    if( location > PSA_MAX_SE_LOCATION )
        return( 0 );
-    return( 0xfffffe00 + lifetime );
+    return( 0xfffffe00 + location );
 }
 /* Check that the persistent data of a driver has its expected content. */
-static int check_persistent_data( psa_key_lifetime_t lifetime,
+static int check_persistent_data( psa_key_location_t location,
                                  const void *expected_data,
                                  size_t size )
 {
-    psa_storage_uid_t uid = file_uid_for_lifetime( lifetime );
+    psa_storage_uid_t uid = file_uid_for_location( location );
    struct psa_storage_info_t info;
    uint8_t *loaded = NULL;
    int ok = 0;
@ -737,7 +743,7 @@ exit:
 static void psa_purge_storage( void )
 {
    psa_key_id_t id;
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
    /* The tests may have potentially created key ids from 1 to
     * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
     * 0, which file-based storage uses as a temporary file. */
@ -746,8 +752,8 @@ static void psa_purge_storage( void )
    /* Purge the transaction file. */
    psa_crypto_stop_transaction( );
    /* Purge driver persistent data. */
-    for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ )
+    for( location = 0; location < PSA_MAX_SE_LOCATION; location++ )
-        psa_destroy_se_persistent_data( lifetime );
+        psa_destroy_se_persistent_data( location );
 }
 /* END_HEADER */
@ -758,7 +764,7 @@ static void psa_purge_storage( void )
 */
 /* BEGIN_CASE */
-void register_one( int lifetime, int version, int expected_status_arg )
+void register_one( int location, int version, int expected_status_arg )
 {
    psa_status_t expected_status = expected_status_arg;
    psa_drv_se_t driver;
@ -766,7 +772,7 @@ void register_one( int lifetime, int version, int expected_status_arg )
    memset( &driver, 0, sizeof( driver ) );
    driver.hal_version = version;
-    TEST_EQUAL( psa_register_se_driver( lifetime, &driver ),
+    TEST_EQUAL( psa_register_se_driver( location, &driver ),
                expected_status );
    PSA_ASSERT( psa_crypto_init( ) );
@ -780,16 +786,16 @@ exit:
 void register_twice( int count )
 {
    psa_drv_se_t driver;
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
-    psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + count;
+    psa_key_location_t max = MIN_DRIVER_LOCATION + count;
    memset( &driver, 0, sizeof( driver ) );
    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ )
+    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ )
+    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        TEST_EQUAL( psa_register_se_driver( lifetime, &driver ),
+        TEST_EQUAL( psa_register_se_driver( location, &driver ),
                    PSA_ERROR_ALREADY_EXISTS );
    PSA_ASSERT( psa_crypto_init( ) );
@ -803,16 +809,16 @@ exit:
 void register_max( )
 {
    psa_drv_se_t driver;
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
-    psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + PSA_MAX_SE_DRIVERS;
+    psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS;
    memset( &driver, 0, sizeof( driver ) );
    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ )
+    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    TEST_EQUAL( psa_register_se_driver( lifetime, &driver ),
+    TEST_EQUAL( psa_register_se_driver( location, &driver ),
                PSA_ERROR_INSUFFICIENT_MEMORY );
    PSA_ASSERT( psa_crypto_init( ) );
@ -827,7 +833,8 @@ void key_creation_import_export( int min_slot, int restart )
 {
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -846,7 +853,7 @@ void key_creation_import_export( int min_slot, int restart )
    key_management.p_export = ram_export;
    ram_min_slot = min_slot;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    /* Create a key. */
@ -857,7 +864,7 @@ void key_creation_import_export( int min_slot, int restart )
    PSA_ASSERT( psa_import_key( &attributes,
                                key_material, sizeof( key_material ),
                                &handle ) );
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &ram_shadow_slot_usage,
                                 sizeof( ram_shadow_slot_usage ) ) )
        goto exit;
@ -866,9 +873,9 @@ void key_creation_import_export( int min_slot, int restart )
    if( restart )
    {
        mbedtls_psa_crypto_free( );
-        PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
        PSA_ASSERT( psa_crypto_init( ) );
-        if( ! check_persistent_data( lifetime,
+        if( ! check_persistent_data( location,
                                     &ram_shadow_slot_usage,
                                     sizeof( ram_shadow_slot_usage ) ) )
            goto exit;
@ -894,7 +901,7 @@ void key_creation_import_export( int min_slot, int restart )
    PSA_ASSERT( psa_destroy_key( handle ) );
    handle = 0;
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &ram_shadow_slot_usage,
                                 sizeof( ram_shadow_slot_usage ) ) )
        goto exit;
@ -921,7 +928,8 @@ void key_creation_in_chosen_slot( int slot_arg,
    psa_status_t status;
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -937,7 +945,7 @@ void key_creation_in_chosen_slot( int slot_arg,
    key_management.p_destroy = ram_destroy;
    key_management.p_export = ram_export;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    /* Create a key. */
@ -953,7 +961,7 @@ void key_creation_in_chosen_slot( int slot_arg,
    if( status != PSA_SUCCESS )
        goto exit;
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &ram_shadow_slot_usage,
                                 sizeof( ram_shadow_slot_usage ) ) )
        goto exit;
@ -962,9 +970,9 @@ void key_creation_in_chosen_slot( int slot_arg,
    if( restart )
    {
        mbedtls_psa_crypto_free( );
-        PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
        PSA_ASSERT( psa_crypto_init( ) );
-        if( ! check_persistent_data( lifetime,
+        if( ! check_persistent_data( location,
                                     &ram_shadow_slot_usage,
                                     sizeof( ram_shadow_slot_usage ) ) )
            goto exit;
@ -980,7 +988,7 @@ void key_creation_in_chosen_slot( int slot_arg,
    PSA_ASSERT( psa_destroy_key( handle ) );
    handle = 0;
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &ram_shadow_slot_usage,
                                 sizeof( ram_shadow_slot_usage ) ) )
        goto exit;
@ -1002,7 +1010,8 @@ void import_key_smoke( int type_arg, int alg_arg,
    psa_algorithm_t alg = alg_arg;
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -1016,7 +1025,7 @@ void import_key_smoke( int type_arg, int alg_arg,
    key_management.p_import = null_import;
    key_management.p_destroy = null_destroy;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    /* Create a key. */
@ -1031,7 +1040,7 @@ void import_key_smoke( int type_arg, int alg_arg,
    PSA_ASSERT( psa_import_key( &attributes,
                                key_material->x, key_material->len,
                                &handle ) );
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
@ -1041,9 +1050,9 @@ void import_key_smoke( int type_arg, int alg_arg,
    /* Restart and try again. */
    mbedtls_psa_crypto_free( );
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
    PSA_ASSERT( psa_open_key( id, &handle ) );
@ -1053,7 +1062,7 @@ void import_key_smoke( int type_arg, int alg_arg,
    /* We're done. */
    PSA_ASSERT( psa_destroy_key( handle ) );
    handle = 0;
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
    TEST_EQUAL( psa_open_key( id, &handle ),
@ -1073,7 +1082,8 @@ void generate_key_not_supported( int type_arg, int bits_arg )
    size_t bits = bits_arg;
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -1086,7 +1096,7 @@ void generate_key_not_supported( int type_arg, int bits_arg )
    key_management.p_allocate = counter_allocate;
    /* No p_generate method */
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -1111,7 +1121,8 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
    psa_algorithm_t alg = alg_arg;
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -1125,7 +1136,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
    key_management.p_generate = null_generate;
    key_management.p_destroy = null_destroy;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    /* Create a key. */
@ -1139,7 +1150,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
    psa_set_key_type( &attributes, type );
    psa_set_key_bits( &attributes, bits );
    PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
@ -1149,9 +1160,9 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
    /* Restart and try again. */
    mbedtls_psa_crypto_free( );
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
    PSA_ASSERT( psa_open_key( id, &handle ) );
@ -1161,7 +1172,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
    /* We're done. */
    PSA_ASSERT( psa_destroy_key( handle ) );
    handle = 0;
-    if( ! check_persistent_data( lifetime,
+    if( ! check_persistent_data( location,
                                 &shadow_counter, sizeof( shadow_counter ) ) )
        goto exit;
    TEST_EQUAL( psa_open_key( id, &handle ),
@ -1190,7 +1201,8 @@ void sign_verify( int flow,
    psa_drv_se_key_management_t key_management;
    psa_drv_se_asymmetric_t asymmetric;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t drv_handle = 0; /* key managed by the driver */
    psa_key_handle_t sw_handle = 0; /* transparent key */
@ -1229,7 +1241,7 @@ void sign_verify( int flow,
    }
    asymmetric.p_verify = ram_verify;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    /* Prepare to create two keys with the same key material: a transparent
@ -1347,6 +1359,7 @@ void register_key_smoke_test( int lifetime_arg,
                              int expected_status_arg )
 {
    psa_key_lifetime_t lifetime = lifetime_arg;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_status_t expected_status = expected_status_arg;
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
@ -1371,7 +1384,7 @@ void register_key_smoke_test( int lifetime_arg,
            ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED );
    }
-    PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LIFETIME, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -1395,7 +1408,7 @@ void register_key_smoke_test( int lifetime_arg,
    /* Restart and try again. */
    PSA_DONE( );
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    PSA_ASSERT( psa_open_key( id, &handle ) );
    if( ! check_key_attributes( handle, &attributes ) )
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
@ -1,11 +1,14 @@
 SE init mock test: success
-mock_init:2:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:1
+mock_init:1:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:1
 SE init mock test: failure
-mock_init:2:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE:1
+mock_init:1:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE:1
-SE init mock test: invalid lifetime
+SE init mock test: invalid location (0)
-mock_init:1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0
+mock_init:0:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0
 SE init mock test: location not supported (INT_MAX)
 mock_init:INT_MAX:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0
 SE key importing mock test
 mock_import:PSA_SUCCESS:PSA_SUCCESS:0:PSA_SUCCESS
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@ -5,10 +5,16 @@
 #include "psa_crypto_se.h"
 #include "psa_crypto_storage.h"
 /** The location and lifetime used for tests that use a single driver. */
 #define TEST_DRIVER_LOCATION 1
 #define TEST_SE_PERSISTENT_LIFETIME                             \
    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
        PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
 static struct
 {
    uint16_t called;
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
    psa_status_t return_value;
 } mock_init_data;
@ -84,7 +90,7 @@ static struct
 static void psa_purge_storage( void )
 {
    psa_key_id_t id;
-    psa_key_lifetime_t lifetime;
+    psa_key_location_t location;
    /* The tests may have potentially created key ids from 1 to
     * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
     * 0, which file-based storage uses as a temporary file. */
@ -93,8 +99,8 @@ static void psa_purge_storage( void )
    /* Purge the transaction file. */
    psa_crypto_stop_transaction( );
    /* Purge driver persistent data. */
-    for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ )
+    for( location = 0; location < PSA_MAX_SE_LOCATION; location++ )
-        psa_destroy_se_persistent_data( lifetime );
+        psa_destroy_se_persistent_data( location );
 }
 static void mock_teardown( void )
@ -113,13 +119,13 @@ static void mock_teardown( void )
 static psa_status_t mock_init( psa_drv_se_context_t *drv_context,
                               void *persistent_data,
-                               psa_key_lifetime_t lifetime )
+                               psa_key_location_t location )
 {
    (void) drv_context;
    (void) persistent_data;
    mock_init_data.called++;
-    mock_init_data.lifetime = lifetime;
+    mock_init_data.location = location;
    return( mock_init_data.return_value );
 }
@ -279,13 +285,13 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context,
 */
 /* BEGIN_CASE */
-void mock_init( int lifetime_arg,
+void mock_init( int location_arg,
                int expected_register_status_arg,
                int driver_status_arg,
                int expected_psa_status_arg,
                int expected_called )
 {
-    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_location_t location = location_arg;
    psa_status_t expected_register_status = expected_register_status_arg;
    psa_status_t driver_status = driver_status_arg;
    psa_status_t expected_psa_status = expected_psa_status_arg;
@ -297,7 +303,7 @@ void mock_init( int lifetime_arg,
    mock_init_data.return_value = driver_status;
-    TEST_EQUAL( psa_register_se_driver( lifetime, &driver ),
+    TEST_EQUAL( psa_register_se_driver( location, &driver ),
                expected_register_status );
    psa_crypto_init_called = 1;
@ -305,7 +311,7 @@ void mock_init( int lifetime_arg,
    TEST_EQUAL( mock_init_data.called, expected_called );
    if( expected_called )
-        TEST_EQUAL( mock_init_data.lifetime, lifetime );
+        TEST_EQUAL( mock_init_data.location, location );
 exit:
    if( psa_crypto_init_called )
@ -322,7 +328,8 @@ void mock_import( int mock_alloc_return_value,
 {
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -339,7 +346,7 @@ void mock_import( int mock_alloc_return_value,
    key_management.p_destroy = mock_destroy;
    key_management.p_allocate = mock_allocate;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -378,7 +385,8 @@ void mock_export( int mock_export_return_value, int expected_result )
 {
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -397,7 +405,7 @@ void mock_export( int mock_export_return_value, int expected_result )
    key_management.p_destroy = mock_destroy;
    key_management.p_allocate = mock_allocate;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -431,7 +439,8 @@ void mock_generate( int mock_alloc_return_value,
 {
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -446,7 +455,7 @@ void mock_generate( int mock_alloc_return_value,
    key_management.p_destroy = mock_destroy;
    key_management.p_allocate = mock_allocate;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -485,7 +494,8 @@ void mock_export_public( int mock_export_public_return_value,
 {
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -503,7 +513,7 @@ void mock_export_public( int mock_export_public_return_value,
    key_management.p_destroy = mock_destroy;
    key_management.p_allocate = mock_allocate;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -534,7 +544,8 @@ void mock_sign( int mock_sign_return_value, int expected_result )
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
    psa_drv_se_asymmetric_t asymmetric;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -559,7 +570,7 @@ void mock_sign( int mock_sign_return_value, int expected_result )
    driver.asymmetric = &asymmetric;
    asymmetric.p_sign = mock_sign;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
@ -594,7 +605,8 @@ void mock_verify( int mock_verify_return_value, int expected_result )
    psa_drv_se_t driver;
    psa_drv_se_key_management_t key_management;
    psa_drv_se_asymmetric_t asymmetric;
-    psa_key_lifetime_t lifetime = 2;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
    psa_key_id_t id = 1;
    psa_key_handle_t handle = 0;
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -618,7 +630,7 @@ void mock_verify( int mock_verify_return_value, int expected_result )
    driver.asymmetric = &asymmetric;
    asymmetric.p_verify = mock_verify;
-    PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
    PSA_ASSERT( psa_crypto_init( ) );
    psa_set_key_id( &attributes, id );
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@ -176,7 +176,7 @@ x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version     \: 3\nserial
 X509 certificate v1 with extension
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version     \: 1\nserial number     \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name       \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name      \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued  on        \: 2013-07-04 16\:17\:02\nexpires on        \: 2014-07-04 16\:17\:02\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nsubject alt name  \:\n    dNSName \: identity-check.org\n    dNSName \: www.identity-check.org\n"
+x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version     \: 1\nserial number     \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name       \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name      \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued  on        \: 2013-07-04 16\:17\:02\nexpires on        \: 2014-07-04 16\:17\:02\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nsubject alt name  \:\n    dNSName \: identity-check.org\n    dNSName \: www.identity-check.org\n    <unsupported>\n"
 X509 SAN parsing otherName
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
@ -1563,7 +1563,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed)
@ -1583,13 +1583,21 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
 X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3)
 depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3)
 depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 X509 CRT ASN1 (TBS, inv v3Ext, inv tag)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
@ -1838,12 +1846,24 @@ X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated outside Extensions)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT)
+X509 CRT (TBS, valid v3Ext in v1 CRT, ALLOW_EXTENSIONS_NON_V3)
 depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version     \: 1\nserial number     \: DE\:AD\:BE\:EF\nissuer name       \: ??=Test\nsubject name      \: ??=Test\nissued  on        \: 2009-01-01 00\:00\:00\nexpires on        \: 2009-12-31 23\:59\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 128 bits\nsubject alt name  \:\n    dNSName \: foo.test\n    dNSName \: bar.test\n":0
 X509 CRT (TBS, valid v3Ext in v2 CRT, ALLOW_EXTENSIONS_NON_V3)
 depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version     \: 2\nserial number     \: DE\:AD\:BE\:EF\nissuer name       \: ??=Test\nsubject name      \: ??=Test\nissued  on        \: 2009-01-01 00\:00\:00\nexpires on        \: 2009-12-31 23\:59\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 128 bits\nsubject alt name  \:\n    dNSName \: foo.test\n    dNSName \: bar.test\n":0
 X509 CRT (TBS, valid v3Ext in v3 CRT)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version     \: 3\nserial number     \: DE\:AD\:BE\:EF\nissuer name       \: ??=Test\nsubject name      \: ??=Test\nissued  on        \: 2009-01-01 00\:00\:00\nexpires on        \: 2009-12-31 23\:59\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 128 bits\nsubject alt name  \:\n    dNSName \: foo.test\n    dNSName \: bar.test\n":0
 X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT)
 depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 X509 CRT ASN1 (TBS, valid v3Ext in v2 CRT)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 X509 CRT ASN1 (TBS, valid SubjectID, valid IssuerID, inv v3Ext, SubjectAltName repeated outside Extensions, inv SubjectAltNames tag)